Server-based biometric authentication system for partner businesses, server device, authentication terminal, control method of server device, and storage medium

This application is a National Stage Entry of PCT/JP2021/008773 filed on Mar. 5, 2021, the contents of all of which are incorporated herein by reference, in their entirety.

The present invention relates to a server device, an authentication terminal, a system, a control method of a server device, and a storage medium.

There are technologies related to employee benefit services.

For example, PTL 1 describes that a highly convenient benefit service is provided to a worker. The system of PTL 1 includes a service provider terminal device of a service provider that provides a user with a predetermined object or service. The service provider terminal device obtains a user identifier of the user from the user, and sends the user identifier, the service amount, and the service provider identifier to the server device. The server device stores the user identifier and the auxiliary amount calculation information in advance in association with each other, and receives the user identifier, the service amount, and the service provider identifier from the service provider terminal device. The server device calculates the auxiliary amount using the auxiliary amount calculation information stored in association with the received user identifier and the received service amount. The server device transmits the auxiliary amount or the payment amount obtained by subtracting the auxiliary amount from the received service amount to the service provider terminal device.

In recent years, technology related to biometric authentication has been developed.

For example, PTL 2 describes providing an identity confirmation device using face authentication capable of accurately and reliably performing identity confirmation by registering a plurality of pieces of face data in advance and enabling automatic update of a latest face image at all times. The identification device of PTL 2 includes a human sensor, an imaging means, a liquid crystal screen, a registration means, and a central processing unit (CPU). The human sensor is activated by bringing the face closer. The imaging means is activated by the operation of the human sensor. The liquid crystal screen displays the face image obtained from the imaging means. The registration means pre-registers face data to be collated with the face screen of the liquid crystal screen. The CPU collates the face data of the registration means with the face image obtained from the imaging means, and outputs an authentication permission signal when the principal is confirmed. The registration means can register a plurality of pieces of face data, and replaces face data having the lowest authentication threshold among the registered face data with the latest face data obtained at the time of collation.

In recent years, the way of working of employees has been diversified. For example, an increasing number of companies employ a “free address” that works by selecting a free seat in a determined space without having a fixed seat in an office. Some companies have a “satellite office” that works in a place away from a head office building where they mainly work.

Here, there is a need to use a facility such as a restaurant (for example, a cafeteria) near the head office building as a “workplace”. However, in order to use the restaurant as a “workplace”, it is not possible to determine whether the user enters the restaurant as an “employee” or a normal “ordinary customer”, and it is difficult to use the restaurant as a “workplace”.

The problem cannot be solved by applying the technology disclosed in PTL 1 or PTL 2. This is because PTL 1 provides employees with menus provided by restaurants in town at a low price, and PTL 2 improves accuracy of identity verification in biometric authentication.

A main object of the present invention is to provide a server device, an authentication terminal, a system, a control method of a server device, and a storage medium that contribute to achieving various ways of working of employees and the like.

According to a first aspect of the present invention, there is provided a server device including a registration unit that acquires biometric information of each of a plurality of employees working in a first company and registers the biometric information in a database, and an authentication unit that executes biometric authentication using biometric information of a first authentication target included in a first authentication request transmitted from a first authentication terminal installed in a second company having a partnership with the first company and the plurality of pieces of biometric information registered in the database, and manages that the first authentication target has clocked in to the first company when authentication is successful.

According to a second aspect of the present invention, there is provided an authentication terminal that transmits an authentication request including biometric information of a authentication target who has visited a second company that is in a partnership with a first company to a server device that stores biometric information of each employee at work in the first company and processes the authentication request.

According to a third aspect of the present invention, there is provided an authentication terminal including an order processing unit that acquires intention of a user regarding an order of a product or a service provided by a second company having a partnership with a first company, and an authentication request unit that, when the user indicates an intention to order the product or service, transmits an authentication request including biometric information of the user to a server device that stores biometric information of each employee at work in the first company and processes the authentication request. The authentication request unit receives an authentication result determined as authentication success when the user is an employee of a first company and the user is in a working state for the first company.

According to a fourth aspect of the present invention, there is provided a system including an authentication terminal that is installed in a second company that is in a partnership with a first company, and a server device that is connected to the authentication terminal. The server device includes a registration unit that acquires biometric information of each of a plurality of employees working in the first company and registers the biometric information in a database, and an authentication unit that executes biometric authentication using biometric information of a authentication target included in an authentication request transmitted from the authentication terminal and the plurality of pieces of biometric information registered in the database, and manage that the authentication target has clocked in to the first company when authentication is successful.

According to a fifth aspect of the present invention, there is provided a control method of a server device, including with the server device, acquiring biometric information of each of a plurality of employees working in a first company, registering the acquired biometric information in a database, executing biometric authentication using biometric information of a first authentication target included in a first authentication request transmitted from a first authentication terminal installed in a second company having a partnership with the first company and the plurality of pieces of biometric information registered in the database, and managing that the first authentication target has clocked in to the first company when authentication is successful.

According to a sixth aspect of the present invention, there is provided a non-transitory computer-readable storage medium storing a program for causing a computer mounted in a server device to execute acquiring biometric information of each of a plurality of employees working in a first company, registering the acquired biometric information in a database, executing biometric authentication using biometric information of a first authentication target included in a first authentication request transmitted from a first authentication terminal installed in a second company having a partnership with the first company and the plurality of pieces of biometric information registered in the database, and managing that the first authentication target has clocked in to the first company when authentication is successful.

According to each aspect of the present invention, a server device, an authentication terminal, a system, a control method of a server device, and a storage medium that contribute to achieving various ways of working of employees and the like are provided. The effect of the present invention is not limited to the above. According to the present invention, other effects may be exhibited instead of or in addition to the effects.

First, an outline of an example embodiment will be described. The reference numerals in the drawings attached to this outline are attached to each element for convenience as an example for assisting understanding, and the description of this outline is not intended to be any limitation. In a case where there is no particular explanation, the block described in each drawing represents not a configuration of a hardware unit but a configuration of a functional unit. Connection lines between blocks in each drawing include both bidirectional and unidirectional lines. The unidirectional arrow schematically indicates a flow of a main signal (data), and does not exclude bidirectionality. In the present specification and the drawings, elements that can be similarly described are denoted by the same reference numerals, and redundant description can be omitted.

A server deviceaccording to the example embodiment includes a registration unitand an authentication unit(see). The registration unitacquires biometric information on each of a plurality of employees working for a first company and registers the biometric information in a database. The authentication unitperforms biometric authentication using the plurality of pieces of biometric information registered in the database and biometric information which pertains to a first authentication target and which is included in a first authentication request transmitted from a first authentication terminal installed in a second company that is in a partnership with the first company. When the authentication is successful, the authentication unitregards the first authentication target as having clocked in to work at the first company.

The server deviceallows a second company (restaurant or the like) located around the first company (company or the like) to be used as a “workplace” for an employee or a worker working for the first company. The server devicegrasps that the employee has entered the store of the partner for the purpose of working by biometric authentication using the authentication request acquired from the first authentication terminal installed in the partner. As a result, the employees can perform their work at a place different from their own facilities or buildings. That is, the server devicecan achieve various ways of working of employees and the like.

Hereinafter, specific example embodiments will be described in more detail with reference to the drawings.

A first example embodiment will be described in more detail with reference to the drawings.

is a diagram illustrating an example of a schematic configuration of an authentication system according to the first example embodiment. The authentication system includes a first company and a second company having a partnership with the first company. In the example of, a restaurant located around a company (first company) corresponds to the second company. A cafeteria or the like around a building (hereinafter, it is referred to as a head office building) of a company or the like is the second company.

As described above, a company and a restaurant are in a partnership, and various benefits can be obtained when employees or the like of the company use the restaurant of the partner. For example, an employee of the company can use a restaurant of a partner as a “workplace”.

The employees of the partner company enter a restaurant and perform company upon receiving biometric authentication (for example, face authentication). The employee can complete payment related to product purchase by face authentication.

As illustrated in, the authentication system according to the first example embodiment includes a server device, a head office terminal, and a partner terminal.

The devices illustrated inare connected to each other. For example, the server deviceand the authentication terminal (head office terminaland partner terminal) are connected by wired or wireless communication means, and are configured to be able to communicate with each other.

The server deviceis a device that provides a service related to biometric authentication. The server devicestores biometric information of each of a plurality of employees working in a company (first company). The server devicereceives an authentication request from the authentication terminal (head office terminaland partner terminal). The server deviceexecutes biometric authentication using the stored biometric information and specifies the authentication target. The server devicetransmits the authentication result (authentication success, authentication failure) to the authentication terminal. The server devicemay be installed in the head office building or may be installed on a cloud.

The head office terminalis disposed in each place of the head office building. For example, as illustrated in, a head office terminal-and a head office terminal-are installed near an entrance of a building. Alternatively, a head office terminal-is installed in a store or a dining room.

The head office terminals-and-are authentication terminals that control entrance and exit of employees to and from the head office building. When the authentication target is successfully authenticated, the head office terminals-and-permit the authentication target (the authentication target determined to be successfully authenticated) to pass through the door or the gate.

The head office terminal-is an authentication terminal for making a payment for a product purchased by an employee or a service provided by the employee. The head office terminal-transmits the biometric information of the authentication target and the payment information (payment, purchase date, payment method, etc.) related to the purchased product or the like to the server device. The server deviceidentifies a product purchaser by biometric authentication and processes payment information.

The partner terminalis arranged at each place of the partner restaurant. For example, as illustrated in, a partner terminal-and a partner terminal-are installed near an entrance of a restaurant. Alternatively, a partner terminal-is installed in a counter that delivers products.

The partner terminal-is an authentication terminal for grasping an employee who enters a restaurant of the partner. The employee who wants to use the restaurant of the partner as a workplace is biometrically authenticated by the partner terminal-, and entry (clock-in) is managed. Similarly, an employee who uses the restaurant of the partner as a workplace is biometrically authenticated by the partner terminal-, and leaves (check-out) the restaurant is managed.

The partner terminal-is an authentication terminal for settlement of a product purchased by an employee at a partner restaurant. The partner terminal-transmits payment information regarding the product or the like purchased by the employee to the server device. The server deviceprocesses the payment information.

is an example and is not intended to limit the configuration and the like of the authentication system of the disclosure of the present application. For example, the authentication system may include two or more server devices. The authentication system may include at least one authentication terminal.

[Outline of System Operation]

Next, a schematic operation of the authentication system according to the first example embodiment will be described.

[User Registration]

As illustrated in, an employee at work in the head office building performs user registration in advance. The employee registers his/her own biometric information and personal information in the server device. For example, the employee operates his/her terminal to register the biometric information in the server device.

The biometric information of the user includes, for example, data (feature value) calculated from physical characteristics unique to an individual, such as a face, a fingerprint, a voiceprint, and a pattern of a vein, a retina, and an iris of a pupil. Alternatively, the biometric information of the user may be image data such as a face image and a fingerprint image. The biometric information of the user may include the physical characteristics of the user as information. In the first example embodiment, the biometric information is a face image or a feature value generated from the face image.

The personal information of the employee includes a name, a gender, a department to which the employee belongs, an employee identifier (ID), a contact address, and the like.

The server deviceassociates the biometric information of the employee with the employee ID to store the information in an authentication information database (DB; Database). The server devicestores the biometric information of each of the plurality of employees using the authentication information database. The server devicestores the employee ID, the name of the employee, the department to which the employee belongs, and the like in the employee information database in association with each other. Details of the authentication information database and the employee information database will be described later.

[Biometric Authentication at Head Office Building]

The employee who has clocked in to work in the head office building moves in front of the head office terminal-. The head office terminal-acquires the biometric information (for example, a face image) of the employee and transmits an authentication request including the acquired biometric information and terminal ID to the server device.

The terminal ID is identification information for identifying an authentication terminal (head office terminaland partner terminal). As the terminal ID, a media access control (MAC) address, an Internet protocol (IP) address, or the like of each authentication terminal can be used. The terminal ID is shared between the server deviceand the authentication terminal by an arbitrary means.

The server devicespecifies a transmission source of the authentication request based on the terminal ID included in the authentication request. The server devicedetermines that the transmission source of the authentication request is the head office terminal-based on the terminal ID.

The server deviceexecutes biometric authentication (collation processing) using the biometric information included in the authentication request and the biometric information registered in the authentication information database. The server devicetransmits an authentication result (authentication success, authentication failure) to the head office terminal-. When the biometric authentication is successful, the server devicestores the authentication time in the attendance management database as the clock-in time of the employee. Details of the attendance management database will be described later.

When the authentication success is received, the head office terminal-opens the door or the gate and permits the authentication target to pass. When the authentication failure is received, the head office terminal-closes the door or the gate and rejects passage of the authentication target.

Since the basic operation related to the head office terminal-can be similar to that of the head office terminal-, the description thereof will be omitted. The server devicestores the authentication time of the head office terminal-as the clock-out time of the employee in the attendance management database.